×
Cloud

Why Corporate Cloud Storage Doesn't Add Up 141

Posted by Soulskill from the put-your-data-in-the-buzzword dept.
snydeq writes "Deep End's Paul Venezia sees few business IT situations that could make good use of full cloud storage services, outside of startups. 'As IT continues in a zigzag path of figuring out what to do with this "cloud" stuff, it seems that some companies are getting ahead of themselves. In particular, the concept of outsourcing storage to a cloud provider puzzles me. I can see some benefits in other cloud services (though I still find the trust aspect difficult to reconcile), but full-on cloud storage offerings don't make sense outside of some rare circumstances.'"
Security

DHS Budget Includes No New Airport Body Scanners 70

Posted by Soulskill from the read-my-x-rayed-lips dept.
OverTheGeicoE writes "The Electronic Privacy Information Center has been examining the White House's proposed budget for Department of Homeland Security for 2013, and they point out that it doesn't include any money for additional airport body scanners for TSA. Did the recent scandal involving TSA workers targeting women for scans make the White House realize that TSA is a national embarrassment? Does the executive branch finally understand the questionable safety and effectiveness of these devices? Or does DHS just think it has enough scanners once TSA installs the 250 new scanners in this year's budget?"
Communications

How Mailinator Compresses Its Email Stream By 90% 75

Posted by Soulskill from the ever-faster-ever-smaller dept.
An anonymous reader writes "Paul Tyma, creator of Mailinator, writes about a greedy algorithm to analyze the huge amount of email Mailinator receives and finds ways to reduce its memory footprint by 90%. Quoting: 'I grabbed a few hundred megs of the Mailinator stream and ran it through several compressors. Mostly just stuff I had on hand 7z, bzip, gzip, etc. Venerable zip reduced the file by 63%. Not bad. Then I tried the LZMA/2 algorithm (7z) which got it down by 85%! Well. OK! Article is over! Everyone out! 85% is good enough. Actually — there were two problems with that result. One was that, LZMA, like many compression algorithms build their dictionary based on a fixed dataset. As it compresses it builds a dictionary of common sequences and improves and uses that dictionary to compress everything thereafter. That works great on static files — but Mailinator is not a static file. Its a big, honking, several gigabyte cache of ever changing email. If I compressed a million emails, and then some user wanted to read email #502,922 — I'd have to "seek" through the preceding half-million or so to build the dictionary in order to decompress it. That's probably not feasible.'"
Privacy

Transparency Grenade Collects and Leaks Sensitive Data 103

Posted by Soulskill from the while-appearing-to-be-a-totally-innocuous-grenade dept.
Zothecula writes "If you thought WikiLeaks was a disruptive idea, the transparency grenade is going to blow you away. This tiny bit of hardware hidden under the shell shaped like a classic Soviet F1 hand grenade allows you to leak information from anywhere just by pulling a pin. The device is essentially a small computer with a powerful wireless antenna and a microphone. Following 'detonation,' the grenade intercepts local network traffic and captures audio data, then makes the information immediately available online."
The Internet

Apache 2.4 Takes Direct Aim At Nginx 209

Posted by timothy from the competition-drives-progress dept.
darthcamaro writes "The world's most popular web server is out with a major new release today that has one key goal — deliver more performance than ever before. Improved caching, proxy modules as well as new session control are also key highlights of the release. 'We also show that as far as true performance is based — real-world performance as seen by the end-user- 2.4 is as fast, and even faster than some of the servers who may be "better" known as being "fast", like nginx,' Jim Jagielski, ASF President and Apache HTTP Server Project Management Committee, told InternetNews.com." Here's list of new features in 2.4.
Security

Researchers Break Video CAPTCHAs 109

Posted by Soulskill from the soon-you-will-need-to-authenticate-in-person dept.
Orome1 writes "After creating the 'Decaptcha' software to solve audio CAPTCHAs, Stanford University's researchers modified it and turned it against text and, quite recently, video CAPTCHAs with considerable success. Video CAPTCHAs have been touted by their developer, NuCaptcha, as the best and most secure method of spotting bots trying to pass themselves off as human users. Unfortunately for the company, researchers have managed to prove that over 90 percent of the company's video CAPTCHAs can be decoded by using their Decaptcha software in conjunction with optical flow algorithms created by researchers in the computer vision field of study."
IT

Ask Slashdot: How Do You Deal With Priorities Inflation In IT Projects? 304

Posted by samzenpus from the raise-the-bar dept.
NetDanzr writes "I work for an IT company that has a steady stream of projects, new features to our existing products and technical support issues. As it is customary, though, our development resources are not sufficient to cover the amount of projects. As a result, our delivery dates are slipping, and as a result the average priority of projects is rising. Where the goal was to have only 10% of projects rated high, within a year nearly 50% of projects are rated as such. Our solution is to completely wipe out the project list once per year and start a new, properly prioritized list. How does your company deal with this inflation of priorities?"
Government

UK Government To Demand Data On Every Call, Email, and Tweet 199

Posted by samzenpus from the save-it-all dept.
judgecorp writes "The UK government is proposing a law that would require phone and Internet companies to store information on all communications, and hand it to the security services when required. The Communications Capabilities Development Programme (CCDP) abandoned by the last government is back on the table, proposed as a means to increase security, and likely to be pushed through before the Olympics in London, according to reports."
Open Source

Security Tool HijackThis Goes Open Source 101

Posted by samzenpus from the check-it-out dept.
wiredmikey writes "The popular free security tool HijackThis has been open sourced by its owner, Trend Micro. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems. Downloaded over 10 million times, HijackThis generates reports to help users analyze and fix an infected or problem computer. But the tool is not designed for novices – and doesn't actually determine what's good or bad. That's up to you, but it is a good way to keep an eye on things and possibly locate anomalies that may have been missed by other security products. Trend Micro warns that if you don't know what you're doing, it's probably not a good idea to make any changes to your computer settings and system files. Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here."
Chrome

Google Working On Password Generator For Chrome 175

Posted by Soulskill from the 123456-letmein-hunter2 dept.
Trailrunner7 writes "Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard. The tool Google engineers are working on is a fairly simple one. For people who are using the Chrome browser, whenever a site presents them with a field that requires creating a password, Chrome will display a small key icon, letting the users know that they could allow Chrome to generate a password for them."
Facebook

UK Student Jailed For Facebook Hack Despite 'Ethical Hacking' Defense 356

Posted by Soulskill from the judge-didn't-buy-it dept.
Diamonddavej writes "The BBC reports that software development student Glenn Mangham, a 26-year-old from the UK, was jailed 17 February 2012 for eight months for computer misuse, after he discovered serious Facebook security vulnerabilities. Hacking from his bedroom, Mangham gained access to three of Facebook's servers and was able to download to an external hard drive the social network's 'invaluable' intellectual property (source code). Mangham's defense lawyer, Mr. Ventham, pointed out that Mangham is an 'ethical hacker' and runs a tax registered security company. The court heard Mangham previously breached Yahoo's security, compiled a vulnerability report and passed on to Yahoo. He was paid '$7000 for this achievement,' and claims he was merely trying to repeat the same routine with Facebook. But in passing sentence, Judge Alistair McCreath said despite the fact he did not intend to pass on the information gathered, his actions were not harmless and had 'real consequences and very serious potential consequences' for Facebook. The case's prosecutor, Mr. Patel, said Facebook spent '$200,000 (£126,400) dealing with Mangham's crime.'"
Encryption

John Nash's Declassified 1955 Letter To the NSA 93

Posted by Soulskill from the somebody-borrowed-doc-brown's-delorean dept.
An anonymous reader writes "In 1955, John Nash sent an amazing letter (PDF) to the NSA in order to support an encryption design that he suggested. In it, he anticipates computational complexity theory as well as modern cryptography. He also proposes that the security of encryption can be based on computational hardness and makes the distinction between polynomial time and exponential time: 'So a logical way to classify enciphering processes is by the way in which the computation length for the computation of the key increases with increasing length of the key. This is at best exponential and at worst probably at most a relatively small power of r, ar^2 or ar^3, as in substitution ciphers.'"
Bug

Apple Settles Antennagate Class-Action Lawsuit 130

Posted by Soulskill from the can-you-hear-me-now dept.
An anonymous reader writes "A preliminary settlement has been reached in the class-action lawsuit brought against Apple in June 2010 over the 'Antennagate' fiasco. Ira Rothken, co-lead counsel for the case, says there are 21 million people entitled to either $15 or a free bumper. 'The settlement comes from 18 separate lawsuits that were consolidated into one. All share the claim that Apple was "misrepresenting and concealing material information in the marketing, advertising, sale, and servicing of its iPhone 4 — particularly as it relates to the quality of the mobile phone antenna and reception and related software." The settlement has its own Web site, www.iPhone4Settlement.com, which will be up in the coming weeks (the site doesn't go anywhere right now). There, customers will be able to get information about the settlement and how to make a claim. As part of the arrangement, e-mails will also be sent alerting original buyers to the settlement before April 30, 2012. The claims period is then open for 120 days.'"
Displays

iPad 3 Confirmed To Have 2048x1536 Screen Resolution 537

Posted by timothy from the small-package dept.
bonch writes "After months of reporting on photos of iPad 3 screen parts, MacRumors finally obtained one for themselves and examined it under a microscope, confirming that the new screens will have twice the linear resolution of the iPad 2, with a whopping 2048x1536 pixel density. Hints of the new display's resolution were found in iBooks 2, which contains hi-DPI versions of its artwork. The iPad 3 is rumored to be launching in early March."
Crime

Stealing Laptops For Class Credit 138

Posted by timothy from the for-bonus-points-assassinate-the-prof dept.
First time accepted submitter core_tripper writes "Students at the University of Twente have stolen thirty laptops from various members of the university's staff. They were not prosecuted for this, so they could just get on with their studies. Indeed, these students even received ECTS credits for these thefts. UT researcher Trajce Dimkov asked the students to steal the machines as part of a scientific experiment. Stealing these laptops turned out to be a pretty simple matter."
IT

Ask Slashdot: Life After Software Development? 416

Posted by Soulskill from the would-you-like-fries-with-that dept.
An anonymous reader writes "I've been writing database apps for various industries as the senior developer or tech lead on a given project for most of the past 20 years. The last few years have become particularly taxing as I struggle to reiterate basic concepts to the same technically illiterate managers and stakeholders who keep turning up in charge. While most are knowledgeable about the industries our software is targeting, they just don't get the mechanics of what we do and never will. After so many years, I'm tired of repeating myself. I need a break. I need to walk away from it, and want to look at doing something that doesn't focus heavily on the IT industry day in, day out. Unfortunately, I'm locked to a regional city and I've just spent the majority of my adult life coding, with no other major skills to fall back on. While I'm not keen on remaining in front of a screen, I wouldn't be averse to becoming a tech user and consumer, rather than a creator. Are there similar Slashdotters out there who have made the leap of faith away from tech jobs and into something different? If so, where did you end up? Is there a life after IT for people who are geeks at heart? Apart from staying in my current job, is there any advice for someone who can't really risk the mortgage and kid's education on a whim?"
Security

Are UK Police Hacking File-Sharers' Computers? 177

Posted by samzenpus from the cop-in-the-machine dept.
superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"
Security

JotForm.com Gets Shut Down SOPA-Style 188

Posted by samzenpus from the it-was-nice-knowing-you dept.
itwbennett writes "In a post on the company blog, JotForm.com cofounder Aytekin Tank alerts users that 'a US government agency has temporarily suspended' the jotform.com domain. He explains that it is part of an 'ongoing investigation' of content posted to its site by a user. Although which user and what content haven't yet been disclosed, there is speculation about forms used for a phishing attack on a South African bank. JotForm hosts over two million user-generated forms, and uses software to block fraudulent accounts (65,000 so far), so you can see there's plenty of opportunity for mischief."
Bug

SSD Latency, Error Rates May Spell Bleak Future 292

Posted by timothy from the everything-counts-in-large-amounts dept.
Lucas123 writes "A new study by the University of California and Microsoft shows that NAND flash memory experiences significant performance degradation as die sizes shrink in size. Over the next dozen years latency will double as the circuitry size shrinks from 25 nanometers today, to 6.5nm, the research showed. Speaking at the Usenix Conference on File and Storage Technologies in San Jose this week, Laura Grupp, a graduate student at the University of California, said tests of 45 different types of NAND flash chips from six vendors using 72nm to 25nm lithography techniques showed performance degraded across the board and error rates increased as die sizes shrunk. Triple-Level NAND performed the worst, followed by Multi-Level Cell NAND and Single-Level Cell. The researchers said MLC NAND-based SSDs won't be able to go beyond 4TB and TLC-based SSDs won't be able to scale past 16TB because of the performance degradation, so it appears the end of the road for SSDs will be 2024."

Slashdot Top Deals